Ryan Tomcik, Adrian McCabe, Rufus Brown, and Geoff Ackerman write: Earlier this year, Mandiant’s Managed Defense threat hunting team identified an UNC2975 malicious advertising (“malvertising”) campaign promoting malicious websites themed around unclaimed funds. This campaign dates back to at least June 19, 2023, and has abused search engine traffic and leveraged malicious advertisements to affect…
Category: Of Note
FCC Approves Major Updates to Data Breach Notification Rules
Chris Riotta reports: The U.S. Federal Communications Commission voted Wednesday along party lines to update 16-year-old privacy protection rules and expand breach notification requirements as part of an effort to provide law enforcement and the public with real-time information about harmful data breaches. The new rule expands the scope of the FCC’s breach notification requirements…
MoD fined £350k over data breach that endangered lives of Afghan interpreters
Public Technology reports: The Ministry of Defence has been fined £350,000 over a data breach that divulged the identities of hundreds of Afghan nationals who worked for the UK government in Afghanistan. According to data watchdog the Information Commissioner’s Office, the incident allowed 245 recipients of an email about the evacuation of eligible people to…
Ted Cruz wants to stop the FCC from updating data-breach notification rules
Jon Brodkin reports: Sen. Ted Cruz (R-Texas) and other Republican senators are fighting a Federal Communications Commission plan to impose new data-breach notification requirements on telecom providers. In a letter sent to FCC Chairwoman Jessica Rosenworcel today, the senators claim the pending FCC action would violate a congressional order. The letter was sent by Cruz, Sen. Minority…
Russian banker of Hive ransomware network arrested in Paris
The following is an automatic machine translation of an article by Le Figaro with AFP: A Russian, suspected of having recovered in cryptocurrencies the money taken from French victims of the powerful Hive ransomware , dismantled in January, was arrested last week, AFP learned on Tuesday December 12 from the judicial police. The suspect, ”…
Attorney General James Secures $400,000 from Dental Insurance Provider for Failing to Protect Patient Data
Chris Boyle reports: New York Attorney General Letitia James today secured $400,000 from one of New York’s largest dental insurance providers, Healthplex, Inc. (Healthplex), for failing to properly protect the personal and medical information of New Yorkers. Healthplex, a Long Island-based company, had inadequate data security practices that made it susceptible to a data breach attack…